{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5741", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-07T13:42:33.224Z", "datePublished": "2026-04-07T20:00:21.096Z", "dateUpdated": "2026-04-07T20:34:17.286Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-07T20:00:21.096Z"}, "title": "suvarchal docker-mcp-server HTTP index.ts pull_image os command injection", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-78", "lang": "en", "description": "OS Command Injection"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-77", "lang": "en", "description": "Command Injection"}]}], "affected": [{"vendor": "suvarchal", "product": "docker-mcp-server", "versions": [{"version": "0.1.0", "status": "affected"}], "modules": ["HTTP Interface"]}], "descriptions": [{"lang": "en", "value": "A weakness has been identified in suvarchal docker-mcp-server up to 0.1.0. The impacted element is the function stop_container/remove_container/pull_image of the file src/index.ts of the component HTTP Interface. This manipulation causes os command injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.9, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-04-07T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-07T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-07T15:47:37.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "BruceJin (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB CNA Team", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/vuln/355748", "name": "VDB-355748 | suvarchal docker-mcp-server HTTP index.ts pull_image os command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/355748/cti", "name": "VDB-355748 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/786948", "name": "Submit #786948 | suvarchal docker-mcp-server 0.1.0 Command Injection", "tags": ["third-party-advisory"]}, {"url": "https://github.com/suvarchal/docker-mcp/issues/3", "tags": ["issue-tracking"]}, {"url": "https://github.com/BruceJqs/public_exp/issues/1", "tags": ["exploit", "issue-tracking"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-07T20:33:40.667570Z", "id": "CVE-2026-5741", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-07T20:34:17.286Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5741", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-07T13:42:33.224Z", "datePublished": "2026-04-07T20:00:21.096Z", "dateUpdated": "2026-04-07T20:34:17.286Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-07T20:00:21.096Z"}, "title": "suvarchal docker-mcp-server HTTP index.ts pull_image os command injection", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-78", "lang": "en", "description": "OS Command Injection"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-77", "lang": "en", "description": "Command Injection"}]}], "affected": [{"vendor": "suvarchal", "product": "docker-mcp-server", "versions": [{"version": "0.1.0", "status": "affected"}], "modules": ["HTTP Interface"]}], "descriptions": [{"lang": "en", "value": "A weakness has been identified in suvarchal docker-mcp-server up to 0.1.0. The impacted element is the function stop_container/remove_container/pull_image of the file src/index.ts of the component HTTP Interface. This manipulation causes os command injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.9, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-04-07T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-07T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-07T15:47:37.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "BruceJin (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB CNA Team", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/vuln/355748", "name": "VDB-355748 | suvarchal docker-mcp-server HTTP index.ts pull_image os command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/355748/cti", "name": "VDB-355748 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/786948", "name": "Submit #786948 | suvarchal docker-mcp-server 0.1.0 Command Injection", "tags": ["third-party-advisory"]}, {"url": "https://github.com/suvarchal/docker-mcp/issues/3", "tags": ["issue-tracking"]}, {"url": "https://github.com/BruceJqs/public_exp/issues/1", "tags": ["exploit", "issue-tracking"]}]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-5741", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-07T20:33:40.667570Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-07T20:34:12.989Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A weakness has been identified in suvarchal docker-mcp-server up to 0.1.0. The impacted element is the function stop_container/remove_container/pull_image of the file src/index.ts of the component HTTP Interface. This manipulation causes os command injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet."}], "id": "CVE-2026-5741", "lastModified": "2026-04-08T21:27:00.663", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-04-07T20:16:34.873", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/BruceJqs/public_exp/issues/1"}, {"source": "cna@vuldb.com", "url": "https://github.com/suvarchal/docker-mcp/issues/3"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/786948"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/355748"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/355748/cti"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}, {"lang": "en", "value": "CWE-78"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.1.0"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "docker-mcp-server", "source": "cna", "vendor": "suvarchal"}, "product": "docker-mcp-server", "vendor": "suvarchal"}], "analysis": {"en": {"generated_at": "2026-04-07T22:16:03.564135+00:00", "value": {"mitigation_remediation": ["Apply an upgrade to a version newer than 0.1.0 once released by suvarchal. ", "If updating is not possible, immediately restrict network access to the vulnerable HTTP endpoints or disable the stop_container, remove_container, and pull_image routes. ", "Deploy application or web\u2011application firewalls to filter out suspicious command\u2011execution patterns. ", "Monitor system and application logs for signs of unauthorized command usage and configure alerts for anomalous activity. ", "Contact the project maintainers to request a patch timeline and provide them with the discovered exploit details."], "summary": {"action": "Patch ASAP", "impact": "Remote Operating System Command Execution"}, "threat_synthesis": {"affected_systems": "Products affected include suvarchal's docker-mcp-server up to version 0.1.0. Any deployment of this version, regardless of environment, is vulnerable. The issue resides in the HTTP-facing components, so any machine exposing that interface is at risk.", "description_and_impact": "A flaw in suvarchal's docker-mcp-server allows an attacker to inject arbitrary operating system commands through the stop_container, remove_container, or pull_image functions exposed by the HTTP interface. The injection occurs via the src/index.ts file, enabling the attacker to execute commands with the privileges of the server process. This can lead to full compromise of the system, data theft, or further lateral movement.", "risk_and_exploitability": "The CVSS score of 6.9 denotes moderate severity, but the presence of a publicly available exploit and lack of a vendor response increase the risk. The threat vector is remote, achievable via the exposed HTTP API, and no special local privileges are required. Although EPSS is not listed, the exact exploit is already available, making the vulnerability likely to be targeted. The vulnerability is not currently in the CISA KEV catalog, but its impact warrants immediate attention."}}}}, "created": "2026-04-08T19:34:24.288333+00:00", "updated": "2026-04-08T19:45:53.262546+00:00", "vendors": ["suvarchal", "suvarchal$PRODUCT$docker-mcp-server"]}